Category Archives: Business

September 23, 2012 · 10:06 am

How do you Outthink the Competition?

Kaihan Krippendorff

How great strategists see options others don’t see?

Outthink the Competition is a strategic workshop that organizations can employ to develop creative solutions to disrupt markets and gain sustainable competitive advantage.

Example of a Strategem

#25 – Shed Your Skin Like the Golden Cicada

Original description:

“Make your front array appear as if you are still holding your position so that the allied force will not suspect your intention and the enemy troops will not dare to attack rashly. Then withdraw your main forces secretly.”

Modern interpretation:

  • Create a façade that appears to be the real thing, then move the action somewhere else.

Brainstorming question:

  • If you current activity were an empty shell, to where could you move the action?

Business example to research:

  • Best Buy profits from service not selling electronics

Part 1 – The Foundation

Part 2 – The New Outthinker Playbook

Part 3 – The 5 Habits of Outthinkers

Part 4 – Apply the Outthinker Process

Part 5 – Rebuilding the Organization from Within

Kaihan describes the IDEAS framework

the central process to Strategic Innovation.

“To change the world you need to change reality, and to change reality you need to change perception, which you engineer with creative language. Here are the five steps to begin changing the world – just follow your IDEAS:

1. Idealize: define an ideal future state of the system

2. Diagnose: identify the key issues that must be addressed to achieve this ideal state

3. Explore: brainstorm creative, out-of-the-box strategies for addressing the issues identified

4. Assess and analyze: evaluate potential strategies to isolate those with the highest potential and then test their value with fact-based analysis

5. Story: wrap the resulting solution into a story that wins the interest and support of the key stakeholders needed to bring the idea to fruition

1) Create a compelling idea: when I spoke to Musk about Space X and asked why he wanted to create a private space company, he said something like, “Because a future in which everyone can get into space is more exciting than one in which only the government can.”

Therefore, you need to describe an ideal situation that appeals to people’s common sense. And keep it really simple. If your description of this ideal future is too complex, then you won’t be able to understand nor explain your project well enough.

2) Diagnose the changes that need to take place: for mankind to evolve from hunting and gathering societies to agricultural ones required two major innovations to occur: 1. the invention of the scratch plough and 2. the domestication of the ox. If we did not have both, we would either be riding oxen to hunt or sweating under the hot sun as we scratched lines too short to plant seeds in. For bold ideas to be realized, it usually requires that multiple parts of the system undergo radical change.

Musk’s vision of an electric car that could travel halfway across the country on one charge between breakfast and bedtime requires not only breakthroughs in battery technology but also the creation of a system of “gas stations” at which drivers can stop to swap out batteries. It requires the passing of new laws and regulations to encourage electric vehicles. It’s a multifaceted problem that seems impossible if you view these challenges as reasons the idea won’t work. However, if you view them as variables in the system that you can influence, then they become simply part of the puzzle.

3) Explore possible solutions: having identified the various interconnected elements that need to change, you must now explore never-before-tried solutions. The breakthrough usually occurs through an analogy or metaphor. Yunus, for example, banged his head against the banking sector, which refused to accept his idea of microcredit. His dream became reality when he stopped viewing his project as a social plan but rather as a bank for the poor. Then all of the previously insurmountable problems revealed simple solutions.

A key difference between innovative companies and less innovative ones is defined by what they decide to do with seemingly improbable ideas. It makes sense to focus your attention only on the ideas that are feasible and, indeed, this is what most companies do. But more innovative companies keep “crazy” ideas on the table. They invest time exploring whether these ideas may become feasible.

To avoid your team’s tendency to discard ideas that seem initially “crazy,” it helps to break down your process of choosing from the ideas you generated during the “Exploration” phase into two steps, carefully managing each to give truly innovative solutions a chance.

4) Assess the benefits and consequences: Since you do not have time to test all of your ideas with rigorous analysis, you must first conduct an initial assessment to decide which are worth the effort. Many great ideas die at this early phase, because, upon initial assessment, the team rules them out. Why did it take HP decades to adopt a version of Dell’s “go direct” model? Why did it take American Airlines, Delta, and other traditional airlines 30 years to mount a meaningful counter to Southwest’s budget airline model?

Great companies fail to adopt great ideas because, initially at least, they fail to recognize an innovative idea as holding strategic value. They are not even willing to invest the time to measure the idea’s risks and reward potential.

To help your group avoid its natural tendency to rule out ideas that initially appear “crazy,” it helps to assess your ideas across two unrelated dimensions. I call these the “path” and the “ease.” The goal is to find a way to win with the least amount of effort and find the path of greatest ease.

 The Path is defined by the impact the idea would have on achieving your goals. If you had a magic wand with which you could achieve every idea you conceived, which ones would prove to be the most impactful and profitable? Judge those ideas using a scale of high, medium, and low to the impact they can have on your organization’s path.

Then assess the Ease with which you could realize each idea. Consider how little it will cost, how quickly it can be implemented, if your organization has the capabilities or knowledge to do so, and how complex execution will be. Again judge the achievability of each idea as high (low

 

Are all outthinkers found in high-tech industries?

Kaihan Krippendorff – author of Outthink the competition – describes how Urban Outfitters was able to bring strategic innovation to bear in a very traditional industry: high street apparel retail.

In his book Kaihan sets out how to apply Asian strategic thinking from 500 AD to modern day business situations and describes the 36 strategems,

Kaihan has identified that there are 5 key strategems that have been applied in modern Business to get ahead of the pack.

He has developed a set of frameworks and methods that I am calling the “Kaihan Kitbag”

You can either attend one of his workshops or read his book to find out more about the secret sauce that winners need to apply. 

http://www.kaihan.net/

Leave a comment

Filed under Business

Tagged as , , , , , , , , ,

September 16, 2012 · 8:12 am

Is Converged Infrastructure the solution to your Private Cloud needs?

 

“VCE, the Virtual Computing Environment Company formed by Cisco and EMC with investments from VMware and Intel, accelerates the adoption of converged infrastructure and cloud-based computing models that dramatically reduce the cost of IT while improving time to market for our customers.”

Part 1: Building the Vblock Infrastructure Platform

See how VCE builds and delivers the market-leading Vblock Infrastructure Platform. Watch how VCE takes many components and builds the Vblock platform into a fully integrated piece of converged infrastructure ready for delivery to the customer’s doorstep.

Part 2: Building the Vblock Infrastructure Platform

Knowledge Transfer and Learning along the way

ATS and CDW – Converged Infrastructure: Migrating to Vblock

As its cloud services for small businesses took off, Dallas-based ATS Cloud turned to CDW to help it converge its infrastructure by migrating to VCE Vblock. The move to the consolidated and fully virtualized environment let the company accommodate its own growth while providing speedy scalable IaaS to its end users.

Single Integrated Service Provider and VCE Professional Services

One Stop Shop with One Number to Call

Reduce Costs and Improve Asset Utilization with Vblock

Matt Eastwood, IDC – Group VP and GM Enterprise Platforms

Converging the Datacenter Infrastructure: Why, How, So What?

Richard L. Villars, Randy Perry, Jed Scaramella

IDC Whitepaper ( #234553) May 2012

“Our research with five companies that have implemented Vblock Infrastructure Platforms from VCE indicated substantial business benefits associated with IT convergence and improved asset sharing. The results also showed reduced IT costs per unit of workload, faster deployment, and reduced downtime. These organizations reported reducing calendar time for deployment of new infrastructure from five weeks to one week and reducing staff time to configure/test/deploy by 75%. They indicated that, compared with their prior IT environment, the new infrastructure led to reductions in infrastructure hardware costs and IT staff time to manage operations that lowered the average annual datacenter cost by 68% per 100 users.”

Gartner Highlights Five Things That the Private Cloud Is Not

Ongoing hype around private cloud computing is creating misperceptions about private cloud, according to Gartner, Inc. To help reduce the hype and identify the real value of private cloud computing for IT leaders, Gartner explains five common misconceptions about private cloud.

“The growth of private cloud computing is being driven by the rapid penetration of virtualization and virtualization management, the growth of cloud computing offerings and pressure to deliver IT faster and cheaper,” said Tom Bittman, vice president and distinguished analyst at Gartner. “However, in the rush to respond to these pressures, IT organizations need to be careful to avoid the hype, and, instead, should focus on a private cloud computing effort that makes the most business sense.”

The five misconceptions about private cloud and the corresponding realities are:

Private Cloud Is Not Virtualization

Server and infrastructure virtualization are important foundations for private cloud computing. However, virtualization and virtualization management are not, by themselves, private cloud computing. Virtualization makes it easier to dynamically and granularly pool and reallocate infrastructure resources (servers, desktop, storage, networking, middleware, etc.). However, virtualization can be enabled in many ways, including virtual machines, operating systems (OSs) or middleware containers, robust OSs, storage abstraction software, grid computing software, and horizontal scaling and cluster tools.

Private cloud computing leverages some form of virtualization to create a cloud computing service. Private cloud computing is a form of cloud computing that is used by only one organization, or that ensures that an organization is completely isolated from others.

Private Cloud Is Not Just About Cost Reduction

An enterprise can reduce operational costs with a private cloud by eliminating common, rote tasks for standard offerings. A private cloud can reallocate resources more efficiently to meet enterprise requirements, possibly by reducing capital expenses for hardware.

However, private clouds require investment in automation software, and the savings alone might not justify the cost. As such, cost reduction is not the primary benefit of private cloud computing. The benefits of self-service, automation behind the self-service interface and metering tied to usage are primarily agility, speed to market, ability to scale to dynamic demand or to go after short windows of opportunity, and ability for a business unit to experiment.

Private Cloud Is Not Necessarily On-Premises

Private cloud computing is defined by privacy, not location, ownership or management responsibility. While the majority of private clouds will be on-premises (based on the evolution of existing virtualization investments), a growing percentage of private clouds will be outsourced and/or off-premises. Third-party private clouds will have a more flexible definition of “privacy.” A third-party private cloud offering might share data center facilities with others, could share equipment over time (from a pool of available resources), and could share resources, but be isolated by a virtual private network (VPN) and everything in between.

Private Cloud Is Not Only Infrastructure as a Service (IaaS)

Server virtualization is a major trend and, therefore, a major enabler for private cloud computing. However, private cloud is not limited in any way to IaaS. For example, with development and test offerings, enabling higher-level Platform as a Service (PaaS) offerings for developers makes more sense than a simple virtual machine provisioning service.

Today, the fastest growing segment of cloud computing is IaaS. However, IaaS only provides the lowest-level data center resources in an easy-to-consume way, and doesn’t fundamentally change how IT is done. Developers will use PaaS to create new applications designed to be cloud-aware, producing fundamentally new services that could be very differentiating, compared with old applications.

Private Cloud Is Not Always Going to Be Private

In many ways, Gartner analysts said that private cloud is a stopgap measure. Over time, public cloud services will mature, improving service levels, security and compliance management. New public cloud services targeting specific requirements will emerge. Some private clouds will be moved completely to the public cloud. However, the majority of private cloud services will evolve to enable hybrid cloud computing, expanding the effective capacity of a private cloud to leverage public cloud services and third-party resources.

“By starting with a private cloud, IT is positioning itself as the broker of all services for the enterprise, whether they are private, public, hybrid or traditional,” Mr. Bittman said. “A private cloud that evolves to hybrid or even public could retain ownership of the self-service, and, therefore, the customer and the interface. This is a part of the vision for the future of IT that we call ‘hybrid IT.'”

While the IDC whitepaper is sponsored by VCE and the sample was limited to only 5 customers the findings are compelling.  

If you are not considering a Vblock System based on cost savings alone you will have a hard job justifying your capex budget going forward.

So converged infrastructure provides for a simplified management solution with only one [Service Provider] throat to choke. 

From a customer perspective it is important to design the service model to match the solution to your needs exactly.  Should the customer consider a Vblock VPLEX configuration for Business Continuity or share assets with other organizations whilst retaining the benefits of a private cloud?

Gartner help to debunk a few myths around private cloud computing. This sentence stands out – Private cloud computing is a form of cloud computing that is used by only one organization, or that ensures that an organization is completely isolated from others. 

Converged infrastructure and the Vblock system is a fundamental building block of your journey from an on-premise virtualised environment into the cloud.

Safe travels.

Leave a comment

Filed under Business

Tagged as , , , , , , , , , , , , , , ,

September 9, 2012 · 11:07 am

Will Cloud services enable HP to survive then thrive?

HP Stock Price – Year to Date

“Hewlett-Packard reported the worst-ever loss in its 73-year history as the technology giant’s ongoing struggles were compounded by a big writedown. The world’s largest PC maker by volume also reported a 5% decline in revenue.

Whitman warned that the company was feeling the impact of a weak macro economy and intense competition in PCs and elsewhere; she said that some of the company’s efforts to fix the company for the long-run could hurt results in the short-run.”

In the last quarter of 2011 Apple had moved into top position on the strength iPad sales.

“HP regains top spot in client PC market” [in Q1 2012] according to research by Canalyis. LINK

HP hasn’t been evolving rapidly enough to avoid a downturn in its financial performance. 

Meg Whitman on what she has done at HP as CEO (first 8 months)

“HP is still in the early stages of a multi-year turnaround, and we’re making decent progress despite the headwinds,” said Meg Whitman, HP CEO. “During the quarter we took important steps to focus on strategic priorities, manage costs, drive needed organizational change, and improve the balance sheet. We continue to deliver on what we say we will do.”

Spin off the PC Business? No, PCs are a significant part of the Business.

HP is in the Hardware, Software and Services Business.

HP CloudStart Solution Services

The easiest and fastest way to build your hybrid delivery cloud solution on HP CloudSystem

“HP experts conduct detailed technical and business analysis, create detailed design leading to specific technology, tools and standards recommendations based on HP’s cloud computing reference architecture. This architecture acts as a common framework for customer cloud engagements with HP. It accommodates different customer go-to-market plans, HP or partner technologies, software stacks and related cloud service requirements.”

HP CloudSystem Overview

A quick summary of HP’s activity in the Cloud with Mark Potter and industry analyst Mark Peters, with Steve Dietch introducing HP CloudSystem.

The fast track to Cloud Services and Instant On Enterprise

The enterprise Cloud solution focused on clients looking to deploy private, public and hybrid cloud environments and the full range of service models (IaaS, PaaS and SaaS).

Why HP CloudSystem

Steve Gonzalez, HP Sr. Enterprise Architect and James Johnson, HP Cloud Solution Design Services Architect.

What does the value of Services mean to us?

 HP CloudSystem Service Provider

NNIT and HP Cloud Service Automation

Jesper Bagh, Solution Architect at worldwide Norway-based service provider NNIT, discusses NNIT’s cloud computing solution and the benefits of HP Cloud Service Automation.

In order to survive HP needs to shift focus from selling hardware [tin] for a single payment to generating increased revenue through software and more importantly “Cloud Based” services which provide a steady stream of revenue over the life of a contract.

HP will thrive if the company creates a more compelling strategy for its investors by placing a few “Big Bets”. 

Increased investment in a Cloud portfolio of “Everything-as-a-Service” is a no-brainer.  HP should deliver end-to-end cloud services from CloudSystem matrix to Instant On enterprise and high value Cloud Consulting Solutions.

In the latest HP commercial the message is to “Make IT Matter”.  Well HP needs to eat it’s own dog feed and Make IT Matter for existing and new clients by promoting the HP cloud services portfolio.

Leave a comment

Filed under Business

Tagged as , , , , , , , , , , , , , , , , ,

September 2, 2012 · 9:44 am

Is the New AWS High I/O Instance the solution to your Big Data needs?

Amazon Elastic Compute Cloud (Amazon EC2) provides the flexibility to choose from a number of different instance types. Each instance provides a predictable amount of dedicated compute capacity and is charged per instance-hour consumed.

Deepak Singh talks about the new High I/O  Instance

The new High I/O EC2 Quadruple Extra Large Instance Type – hi1.4xlarge – provides very high instance storage I/O performance and is ideally suited for many high performance database workloads.

High I/O instances are backed by 2 TB of Solid State Drives (SSD), and also provide high levels of CPU, memory and network performance.

  • 60.5 GB of memory
  • 35 EC2 Compute Units (16 virtual cores*)
  • 2 SSD-based volumes each with 1024 GB of instance storage
  • 64-bit platform
  • I/O Performance: Very High (10 Gigabit Ethernet)
  • Storage I/O Performance: Very High**
  • EBS-Optimized Available: No***
  • API name: hi1.4xlarge
  • *8 cores + 8 hyperthreads for 16 virtual cores

News International on AWS

News International, publishers of The Sun, The Times and Sunday Times uses AWS to power its digital services and platforms across the web, mobile and tablet. With AWS, News International has built a scalable, high speed transactional platform that has improved both customer experience and created an increased ability to drive incremental sales of its products.

“Michael Wasser, Founder of Raveld a startup in Seattle, talks about how he is using AWS products to run his business and help companies to cut operational costs.

Michael built Raveld after finding that his consulting customers were exceeding their cloud computing budgets due to a lack of insight into the resources they were using and what those resources were used for.

He runs the entire site on four EC2 instances. Interestingly enough, two of the instances (one front end and one back end) are acquired on the EC2 Spot market. The total cost of the four instances and an Elastic Load Balancer is less than $300 per month”.

With “Everything-as-a-Service” the new High I/O EC2 Quadruple Extra Large Instance Type – hi1.4xlarge introduces a new take on the existing service offering  “STaaS – Storage-as-a-Service”.

The difference between providing small and medium sized Businesses with backup facilities and the new High I/O instance is the capability to support high performance database workloads and ever increasing information volumes that require time sensitive processing.

As the guys from News international comment AWS EC2 provides them with the ability to tap into infrastructure and flex up very quickly to meet their information processing needs. This can be achieved with a significant reduction in Capex on Big Tin.

I include the Michael Wasser story because he is a small operator who is “Acting Big” by consuming AWS services for less than $10 per day.  How good is that?

Leave a comment

Filed under Business

Tagged as , , , , , , , , , , , ,

August 26, 2012 · 10:14 am

SunGard establishes a Cloud Computing Research Center with UT

“SunGard Enterprise Cloud Services combines SunGard’s  world-class infrastructure with best-in-breed operational support. Enterprise Cloud Services not only helps elevate application availability —it also solidifies security and compliance frameworks.

SunGard cloud consulting combines business-focused discipline, deep technical expertise, and broad industry experience to tailor a high-value solution to your  specific requirement.

SunGard is a single source for comprehensive expertise to help:

  • identify the business functions that would benefit most from leveraging  cloud technologies
  • evaluate, design and implement the best cloud solution for your business
  • navigate the cloud adoption lifecycle
  • develop the strategies and best practices you need to align business processes with technology architecture
  • deliver a more agile, efficient, highly available and recoverable cloud environment”

SunGard Partners with UT Austin to Create Cloud Computing Research Center

SunGard Availability Services recently joined with the University of Texas at Austin to create a Cloud Computing Research Center. In this video, SunGard’s Chandler Vaughn, and Bruce Porter and Keshav Pingali from UT Austin discuss the partnership’s goal: to jointly solve problems that are of particular relevance to cloud and distributed computing.

01:55 Cloud Computing Market has been exploding in the last year,  Enterprises and Governments are asking how do I do it?

Opportunity to define what Cloud Computing means to the market

The cloud computing center will initially have four or five faculty members assigned to it, said Bruce Porter, chair of UT’s computer sciences department.

The center’s research will focus on areas such as mobile computing, networking, verification, fraud protection and encryption, officials said, and will include developing approaches to protecting data as it traverses the cloud and the Internet.

“Cloud computing today is still in the early stages of development. As an industry, it’s still very much in its infancy. There are a number of problems that need to be solved in the next five to 10 years,” Kodukula said.

He said his company rated UT highly both for its research prowess and its openness in working with industry to commercialize research discoveries.

SunGard and UT Austin have created an executive committee composed of two UT Austin faculty (Professor Bruce Porter and Professor Keshav Pingali) and two SunGard executives (Kodukula and Chandler Vaughn, vice president, product development) to guide the overall research program at the Cloud Computing Research Center. One of the first projects under consideration is the development of an Exabyte-scale storage cloud building on the Depot research led by Professors Mike Walfish, Mike Dahlinand Lorenzo Alvisi.

SunGard Availability Services Chief Technology Officer, Indu Kodukula, walks us through how the SunGard cloud was built on best-in-class technology and how we are able to deliver a highly available solution for your applications, whether running on your environment or ours.

Simon Withers, Head of Product Management & Development, Cloud and Managed Services at SunGard Availability Services.

Phil Laslett, Enterprise Cloud Specialist at SunGard Availability Services.

So SunGard aims to move up the value chain from Infrastructure and Platform-as-a-Service offerings like Recover2Cloud or the the development of an Exabyte-scale storage cloud.

Applying Cloud Computing research to architect solutions to real Business problems will be quicker with the help of the faculty and bright young things at UT.

Harvesting the intellectual horsepower of the UT students will help invigorate and re-position SunGard Availability Services into a different Marketspace.

 

Leave a comment

Filed under Business

Tagged as , , , , , , , , , , , , ,

August 19, 2012 · 11:01 am

Securing Access to the Cloud with Security as a Service (SECaaS)

What Is Security for Cloud Computing?

“Security controls in cloud computing are, for the most part, no different than security controls in any IT environment. However, because of the cloud service models employed, the operational models, and the technologies used to enable cloud services, cloud computing may present different risks to an organization than traditional IT solutions.

Cloud computing is about gracefully losing control while maintaining accountability even if the operational responsibility falls upon one or more third parties.

One of the attractions of cloud computing is the cost efficiencies afforded by economies of scale, reuse, and standardization. To bring these efficiencies to bear, cloud providers have to provide services that are flexible enough to serve the largest customer base possible, maximizing their addressable market. Unfortunately, integrating security into these solutions is often perceived as making them more rigid.

This rigidity often manifests in the inability to gain parity in security control deployment in cloud environments compared to traditional IT. This stems mostly from the abstraction of infrastructure, and the lack of visibility and capability to integrate many familiar security controls — especially at the network layer”. [extract]

CSA Reference Model


Proofpoint – Security as a Service

CEO Gary Steele discusses how and why Proofpoint uses cloud-based technologies to deliver security and compliance solutions to its customers. Benefits of security-as-a-service solutions are cost, superior threat detection, prevention, and innovation.

Cloud Security Platform –  CloudAccess

Enterprise security delivered from the cloud as a SECaaS (Security-as-a-Service) application. http://www.cloudaccess.com/ – CloudAccess eliminates risk for customers and delivers a cloud-based IT security platform that is easy to use, affordable and manageable.

TELCO Challenge – Cloud Security Services

Almost by definition, telecom operators are becoming cloud service providers, opening up new opportunities to become a trusted extension of corporate IT.

In this video, Jim Reavis, Executive Director of the Cloud Security Alliance, discusses the two-fold requirement for operators to best secure their own networks while leveraging this infrastructure for outsourced IT services.

Nick Kael, Principal Security Strategist at Symantec, discusses the telco challenges of multi-tenant cloud security. Four design principles for cloud security are presented.

So Security as a Service (SECaaS) is the set of security service capabilities that are typically provided by a third party using the SaaS (software as a service) model.

At a hardware level the local / global network providers (Telcos) have deep expertise in all types of security offerings for Traditional IT and Cloud IaaS and PaaS.

The Cloud Security Alliance is a trusted source of research that will enable you to evaluate and procure next generation Security as a Service(s).

You can procure a managed cloud security service but it is important to understand that the Security as a Service broker sits between the Customer and the Cloud Service Provider.  Cloud Security is a shared responsibility but you can’t handover accountability for risk management and information assurance.

Leave a comment

Filed under Business

Tagged as , , , , , , , , , , , , , , , ,

August 12, 2012 · 11:50 am

Cloud Information Assurance must address the whole risk picture

Seeing the Whole Risk Picture

PWC Risk assurance partner Dean Simone.

Prepare for what’s around the corner.

Anticipate and deal with risks that are unknown.

How can we build trust in the cloud to drive business growth?

Extract from a report co-authored by Jan Schreuder PWC Partner

“When adopting Cloud Services PWC clients often ask:

  • What are the risks associated with Cloud Computing and how do we manage them?
  • How will cloud computing impact our regulatory and compliance requirements?
  • How do we maintain control and oversight over the cloud environment?
  • Is moving to a cloud computing environment cost effective?
  • How will cloud computing impact on business continuity and disaster recovery planning?

PWC Cloud Assurance can help clients:

  • Assess and manage the technical, operational, financial, legal, regulatory, tax risks and opportunities associated with cloud adoption.
  • Design and review the project framework to transition services to the cloud.
  • Analyse the business case and costs to ensure business benefits are realistic and achievable.
  • Design and review security and controls before, during, and after the move to the cloud.
  • Design and review business continuity and disaster recovery procedures for cloud services.
  • Provide third party assurance over cloud service providers’ control environment.”

Information Assurance in the Cloud

Alan Calder, CEO of IT Governance Ltd

Three minutes into this video clip Alan looks at risk in the cloud.

03:39 One way of looking at Risk in the Cloud is to look at where risk ownership lives.

03:55 – where Security and Compliance is concerned there is balance with responsibility shared between the Cloud Service Provider and the User.  Risk however is all with the user of the Cloud service.

Nature of the cloud is that you can take and use what you want to but it is your risk your information, your business,  your service.

04:40 – Trust Boundaries in the Cloud shift depending on usage, e.g. IaaS or SaaS

09:15 – Cloud Controls Matrix

LINK to download the Cloud Security Alliance – Cloud Controls Matrix

11:45 Understand Cloud Security

Steve Wozniak, interviewed by a French press agency earlier this week, confessed to the audience that he worries about the insecurity of Apple’s famed iCloud.

“I really worry about everything going to the cloud,” said Wozniak. “I think it’s going to be horrendous. I think there are going to be a lot of horrible problems in the next five years.”

iCloud essentially acts a remote server responsible for synching computing devices. In other words, if a user sends information to one cloud-connected device, the cloud will intercept the information and send it to every other device connected to the cloud space.

“With the cloud, you don’t own anything. You already signed it away,” said Wozniak. “The more we transfer everything onto the web, onto the cloud, the less we’re going to have control over it.”

Matt Honan – How Apple and Amazon Security Flaws Led to My Epic Hacking

“My experience leads me to believe that cloud-based systems need fundamentally different security measures. Password-based security mechanisms — which can be cracked, reset, and socially engineered — no longer suffice in the era of cloud computing.” LINK to Wired article.

Steve Wozniak and Matt Honan have both spoken out about the risk to Cloud Service users losing their content stored in the cloud.  Security Controls require strengthening to protect access to cloud based personal information.

Alan Calder mentioned that SAS 70 has been replaced by Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization.

In addition, Joe Panettieri has written about how SSAE 16 Audits Gain Momentum With Cloud Data Center Providers  LINK

Cloud Service Providers are also keen to achieve accreditation to SSAE 16. One example is a cloud data security company CloudLock who completed their SSAE 16 SOC 1 Audit in May.

Cloud Information Assurance for me is applying the Cloud Controls Matrix to build the end-to-end service model that differentiates between who has ownership for service assets.

It is also about having clear Trust Boundaries in the cloud with crystal clear commercial and contractual responsibilities for service risk .

The Cloud Computing Model with Hyper Hybrid [Connected] Clouds, Cloud Service Providers, Cloud Service Brokers and Cloud Service Users is still in its infancy.  

As such nobody in the end-to-end service chain has an understanding of the whole risk picture but the colour palette is emerging.

1 Comment

Filed under Business

Tagged as , , , , , , , , , , , , , ,

August 5, 2012 · 11:47 am

Achieving High Performance with Predictive Analytics

“Analytics is rapidly emerging as the next management discipline. Rather than relying on intuition when pricing products, maintaining inventory, developing marketing campaigns or hiring talent for example, use predictive analytics from Accenture Analytics to deliver the improved insights and outcomes that drive high performance”.

Descriptive Analytics is also known as Business Intelligence

Predictive Analytics is Business Led and Technology Enabled and helps understand what the data means the “So What”

Informed Decisions mean Better Business Results

“In this elastic world, high performance hinges on the ability to gain insights from data. Informed executives make more insightful decisions that deliver improved business outcomes across the enterprise.

Overview

Analytic capabilities underpin the most important imperatives C-suite officers face today:

  • Driving growth—from new markets, new customer segments and opportunities, marketing transformation and innovation.
  • Enhancing cost and cash advantage—through balance sheet efficiency; enhanced working capital; better capital allocation and return on investment; and resetting structural costs for more flexibility.
  • Improving operational excellence—by realigning the operating model; reengineering key processes; focusing on lean processes and operational effectiveness; and sourcing operational excellence.
  • Restructuring the business at scale—through M&A, divestitures, consortia, industry restructuring, value chain restructuring and business ecosystems.
  • Winning the war for talent—by re-skilling the workforce, sourcing new talent, developing change agents and creating a human capital strategy”.

Accenture is positioned as a Leader in Business Analytics IT Consulting and Systems Integration Services, according to the International Data Corporation (IDC) MarketScape Report.

May IDC MarketScape Report cites strategy, innovation and delivery as key Accenture strengths.

So Predictive Analytics is about having the capability to analyze and mine company data stores in order to predict future trends and forecast probabilities.

The organization will typically take the following approach:

  • look in the Rear View Mirror to determine What Happened
  • drill into the data to establish Why it Happened 
  • then apply this insight to predict What Will Happen Next

For me the key differentiator is whether the organization has the ability to outperform their competition by implementing Predictive Analytics to enable the Business to make informed decisions.  This is a real world example of how a technology solution is delivering value to the Business.    

Leave a comment

Filed under Business

Tagged as , , , , , , ,

July 29, 2012 · 10:19 am

CISCO has a Cloud CTO; does your organization need one too?

Lew Tucker Cisco Cloud Chief Technology Officer

“As a CTO, I think we’re often asked to look around corners, to peer into the future and to extrapolate from what we see in the marketplace today and technology trends so that we can anticipate what’s coming next.

One of the things I think we find is that the market always responds to a need that’s present in the marketplace by the customers.

So one of those needs was to develop the software that Amazon runs in an open-source environment so that anybody could build their Amazon-style cloud.

And so Cisco saw an opportunity here to influence that and in fact make sure that the idea of a network based service would become an essential part of this new open-source, OpenStack cloud”.

Lew Tucker @ Cloud Connect

You will have to adjust the volume.  Excellent presentation slides supporting the key messages that he conveyed.

Moving to a world of many clouds – “connected Clouds”

As we move forward we will start to see the emergence of industry vertical clouds e.g. Healthcare, e-Gov

06:05 Cloud Focus. It is important that we get the cloud computing model right

Build out your virtual data centre with the trinity of Network, Compute and Data services

07:40 OpenStack high level overview

Description of Quantum Network Service Abstraction

Multi-tenant Virtual Data Centres

Think deeply about what you want in your own Virtual Data Centre in the Cloud

Organizations will typically ask the CIO or the CTO to assimilate responsibility for the design of the Cloud Strategy and implementation of the Cloud Model.

For me the cloud ecosystem is far too dynamic and moving at such a pace that the sole focus of the CTO must be on enabling Business change and delivering cost savings.  The CTO must specify whether Application placement will either be close to the customer [Systems of Engagement] or close to the data. 

Presently key Business stakeholders have no interest in the Data Centre infrastructure and are ambivalent regarding from where Compute services are sourced.  For example iCloud, Dropbox etc. are ubiquitous and always on.

The CTO should be responsible for the Cloud Blueprint.  One design solution increasing in adoption is where Virtual Private Clouds extend the Data Centre into the cloud.  Network service providers deliver Virtual Private Network tunneling and multiple subnets to enable the seamless linkage between the physical data centre and elastic compute services.  

Moreover, the CTO must support the Sourcing and Procurement function manage the commercial relationship with Cloud Service Brokerages who package cloud services for customers.  

For me there is a clear distinction between the CIO, CTO and Cloud CTO roles.

  • The Cloud CTO is on the Sell side and is a role fulfilled by Cloud Independent Software Vendors and providers of Network, Compute and Data Services.
  • On the Buy side sits the CTO who is responsible for designing, sourcing and managing the service to the customer regardless of whether it is comprised of VPCs ,on and off premise, connected clouds or Hyper-hybrid Clouds.

If your organization does not have a CTO then you can reach out to the many advisory firms to help map out your journey into the Cloud.  Safe travels.

Leave a comment

Filed under Business

Tagged as , , , , , , , , , , ,

July 22, 2012 · 8:49 am

IDC launch a Cloud Decision Framework Tool

IT Leaders are struggling with the role and application of Cloud Computing.

Explore the topic of IT Cloud Decision Economics.

IDC has developed a new Cloud Decision Tool.

Access to the Tool is provided on a complimentary basis.

“IDC’s new Cloud Decision Economics tool, the Cloud Decision Framework Tool helps inform those seeking insights into the application and workload hosting strategies, analyzes private vs. public options and more.

Worldwide public IT cloud services spending is forecast to surpass $55 billion in 2014. Yet IT leaders continue to struggle with quantifying the operational, organizational, and financial implications of their application hosting and platform decisions.

To help IT decision makers to better understand their options and the associated implications as they move various enterprise workloads to the cloud, International Data Corporation has developed a new Cloud Decision Framework Tool.”

“This tool was carefully designed to help guide IT managers in their decisions around on-premise, private and public cloud computing options,” said Joe Pucciarelli, vice president, Technology Financial & Executive Strategies at IDC. “The painstaking evaluation struggles that once plagued the cloud decision-making process have been all but eliminated as the Cloud Decision Framework Tool does all the heavy lifting.”

IDC’s Cloud Decision Framework Tool Helps IT Managers:

  • Become more agile in the cloud decision making process
  • Understand and take advantage of the profound technology, platform, staffing, and economic opportunities that will shape IT strategies in the coming years
  • Identify customer priorities for IT cloud system management software investments
  • Align business/IT governance around a specific cloud vision
  • Restructure IT purchasing and sourcing approaches
  • Evaluate overall cloud goals

“The Cloud Decision Framework Tool allows you to decompose a very complex business decision by breaking it down into its key components. A CIO can use the tool to collaborate with the rest of the executive team and get them on board with moving to a cloud,” commented Allyn McGillicaddy, Principal, Office of the CIO.com

IDC should be congratulated for creating a tool that will help inform IT Leadership in the development of their cloud adoption approach,  

The design principles and selection criteria support the decision making process by providing a fact based report against three dimensions – Organization, Operations and Business.

By making the tool complimentary IDC has made it possible for IT Leaders to “open the kimono” of external Service Providers and also to see through the solution vendors inflated claims.  

The Cloud Decision Framework will force the Cloud Brokers and Cloud Service Providers to demonstrate how they score / rate against a standard set of publicly available criteria.

So the time has arrived for the Cloud Ecosystem partners to stop being masters of spin and specify exactly how they will deliver speed to value.

My 24th June post was on the subject of Cloud Economics.

.

1 Comment

Filed under Business

Tagged as , , , , , , , ,